# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libssh2
pkgver=1.11.0
pkgrel=2
pkgdesc="library for accessing ssh1/ssh2 protocol servers"
url="https://libssh2.org/"
arch="all"
license="BSD-3-Clause"
makedepends_host="openssl-dev>3 zlib-dev"
checkdepends="bash"
subpackages="$pkgname-dbg $pkgname-static $pkgname-dev $pkgname-doc"
source="https://www.libssh2.org/download/libssh2-$pkgver.tar.gz
	add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch
	"

# secfixes:
#   1.11.0-r1:
#     - CVE-2023-48795
#   1.9.0-r1:
#     - CVE-2019-17498
#   1.9.0-r0:
#     - CVE-2019-13115
#   1.8.1-r0:
#     - CVE-2019-3855
#     - CVE-2019-3856
#     - CVE-2019-3857
#     - CVE-2019-3858
#     - CVE-2019-3859
#     - CVE-2019-3860
#     - CVE-2019-3861
#     - CVE-2019-3862
#     - CVE-2019-3863

build() {
	./configure \
		--build=$CBUILD \
		--host=$CHOST \
		--prefix=/usr \
		--sysconfdir=/etc \
		--mandir=/usr/share/man \
		--infodir=/usr/share/info \
		--localstatedir=/var \
		--with-crypto=openssl \
		--with-libssl-prefix=$CBUILDROOT/ \
		--disable-docker-tests
	make
}

check() {
	# with --disable-docker-tests above only mansyntax.sh and test_simple are
	# run, other tests require docker and a running sshd
	make check VERBOSE=1
}

package() {
	make DESTDIR="$pkgdir" install
}

sha512sums="
ef85e152dc252bd9b1c05276972b9c22313f5d492743dde090235742746d67f634f2a419eff9162132e2274c8582113b75279b074e0c7b34b2526b92fd1a1e8e  libssh2-1.11.0.tar.gz
5a3fc886962032d4f0a244942c0db216bb108d57ac79f454ec05527e76a744689a5dc89d6d20b5abc2a0b75144d7c2eb95286f23190ecaf9bbb456fb14922125  add-strict-KEX-to-fix-CVE-2023-48795-Terrapin-Attack.patch
"
